From 3b650c56a5ecd4242ecb4926a0b4e62a7a1ef691 Mon Sep 17 00:00:00 2001 From: Hank Donnay Date: Thu, 18 Apr 2024 09:30:01 -0500 Subject: [PATCH 1/4] cicd: fix nightly build Signed-off-by: Hank Donnay --- .github/script/nightly-module.sh | 23 +++++++++++++++-------- .github/workflows/nightly.yml | 22 ++++++++-------------- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.github/script/nightly-module.sh b/.github/script/nightly-module.sh index eba075f003..7cbb7998a2 100755 --- a/.github/script/nightly-module.sh +++ b/.github/script/nightly-module.sh @@ -1,15 +1,22 @@ #!/bin/sh set -e : "${CLAIRCORE_BRANCH:=main}" -: "${GO_VERSION:=1.20}" -test "${#GO_VERSION}" -gt 4 && GO_VERSION=${GO_VERSION%.*} +echo "::group::go version" cd "$(git rev-parse --show-toplevel)" -echo '#' "$(go version)" -go mod edit "-go=${GO_VERSION}"\ - "-replace=github.com/quay/claircore=github.com/quay/claircore@${CLAIRCORE_BRANCH}" -git diff +go version +echo "::endgroup::" + test -d vendor && rm -rf vendor + +echo "::group::Changes" +go mod edit \ + "-replace=github.com/quay/claircore=github.com/quay/claircore@${CLAIRCORE_BRANCH}" go mod tidy -go mod vendor -echo "clair_version=$(git describe --tags --always --dirty --match 'v4.*')" >> "$GITHUB_OUTPUT" +go mod download # Shouldn't be needed, but just to be safe... +git diff +echo "::endgroup::" + +clair_version="$(git describe --tags --always --dirty --match 'v4.*')" +echo "::notice::Clair version: ${clair_version}" +echo "clair_version=${clair_version}" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index b57c29782a..7cc90f0a0c 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -7,9 +7,6 @@ on: branch: description: 'Claircore branch to reference' required: false - go_version: - description: 'Go version to be used throughout' - required: false tag: description: 'Tag to push resulting image to' required: false @@ -30,7 +27,6 @@ jobs: # nicer workflow inputs so that the cron trigger works. run: | br=$(test -n "${{github.event.inputs.branch}}" && echo "${{github.event.inputs.branch}}" || echo main) - gv=$(test -n "${{github.event.inputs.go_version}}" && echo "${{github.event.inputs.go_version}}" || echo 1.20) : "${repo:=$GITHUB_REPOSITORY}" test "${repo%%/*}" = quay && repo="projectquay/${repo##*/}" ||: cat <<. >>$GITHUB_OUTPUT @@ -39,27 +35,25 @@ jobs: date=$(date -u '+%Y-%m-%d') tag=$(test -n "${{github.event.inputs.tag}}" && echo "${{github.event.inputs.tag}}" || echo nightly) claircore_branch=${br} - go_version=${gv} repo=${repo} . # Environment variables printf 'CLAIRCORE_BRANCH=%s\n' "${br}" >> $GITHUB_ENV - printf 'GO_VERSION=%s\n' "$gv" >> $GITHUB_ENV - printf '%s/.local/go/bin\n' "$HOME" >> $GITHUB_PATH - uses: docker/setup-qemu-action@v3 with: platforms: all - uses: docker/setup-buildx-action@v3 - - uses: actions/setup-go@v5 - with: - go-version: ${{ steps.setup.outputs.go_version }} - check-latest: true - uses: actions/checkout@v4 with: fetch-depth: 0 + - id: setup-go + uses: actions/setup-go@v5 + with: + go-version-file: go.mod + check-latest: true - uses: ./.github/actions/go-cache with: - go: ${{ steps.setup.outputs.go_version }} + go: ${{ steps.setup.setup-go.go_version }} - id: mod run: ./.github/script/nightly-module.sh - id: novelty @@ -74,15 +68,15 @@ jobs: username: ${{ secrets.QUAY_USER }} password: ${{ secrets.QUAY_TOKEN }} - name: Export + if: steps.novelty.outputs.cache-hit != 'true' # This exports the current state of the main branch, and appends our modified go module files. run: | mkdir "${{ runner.temp }}/build" git archive --add-file=go.mod --add-file=go.sum origin/main | tar -x -C "${{ runner.temp }}/build" - uses: docker/build-push-action@v5 + if: steps.novelty.outputs.cache-hit != 'true' with: - build-args: | - GO_VERSION=${{ env.GO_VERSION }} cache-from: type=gha cache-to: type=gha,mode=max context: ${{ runner.temp }}/build From 08581d82726f60d26c4508400883e936d270909c Mon Sep 17 00:00:00 2001 From: Hank Donnay Date: Thu, 18 Apr 2024 11:03:41 -0500 Subject: [PATCH 2/4] cicd: tweaks to the set-image-expiration action Signed-off-by: Hank Donnay --- .github/actions/set-image-expiration/action.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/actions/set-image-expiration/action.yml b/.github/actions/set-image-expiration/action.yml index 65b3362645..29a2bfbe7c 100644 --- a/.github/actions/set-image-expiration/action.yml +++ b/.github/actions/set-image-expiration/action.yml @@ -8,7 +8,7 @@ inputs: duration: description: 'Duration (in seconds) into the future to expire the image.' required: false - default: 1209600 + default: '1209600' repo: description: 'Namespace & repository' required: true @@ -22,10 +22,12 @@ runs: using: 'composite' steps: - id: add-mask + name: Add Mask shell: sh run: | printf '::add-mask::%s\n' "${{ inputs.token }}" - id: write-script + name: Prepare Request shell: sh run: | jq -n -c --argjson e "$(($(date -u +%s) + ${{ inputs.duration }}))" '{expiration: $e}' > "${RUNNER_TEMP}/expiration.json" @@ -43,5 +45,6 @@ runs: . chmod +x "${RUNNER_TEMP}/run" - id: call + name: Execute Request shell: sh run: '${RUNNER_TEMP}/run' From c42bee62e2fcad39743be02191055d967d5a15a6 Mon Sep 17 00:00:00 2001 From: Hank Donnay Date: Thu, 18 Apr 2024 11:24:59 -0500 Subject: [PATCH 3/4] cicd: improve nightly script output Signed-off-by: Hank Donnay --- .github/script/nightly-module.sh | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/script/nightly-module.sh b/.github/script/nightly-module.sh index 7cbb7998a2..1446f05f2a 100755 --- a/.github/script/nightly-module.sh +++ b/.github/script/nightly-module.sh @@ -1,22 +1,27 @@ #!/bin/sh set -e : "${CLAIRCORE_BRANCH:=main}" - -echo "::group::go version" cd "$(git rev-parse --show-toplevel)" -go version -echo "::endgroup::" - test -d vendor && rm -rf vendor -echo "::group::Changes" +echo "::group::Edits" go mod edit \ "-replace=github.com/quay/claircore=github.com/quay/claircore@${CLAIRCORE_BRANCH}" go mod tidy go mod download # Shouldn't be needed, but just to be safe... -git diff echo "::endgroup::" clair_version="$(git describe --tags --always --dirty --match 'v4.*')" -echo "::notice::Clair version: ${clair_version}" echo "clair_version=${clair_version}" >> "$GITHUB_OUTPUT" + +cat <<. >>"$GITHUB_STEP_SUMMARY" +### Changes + +- **Go version:** $(go version) +- **Clair version:** ${clair_version} +. +{ + echo '```patch' + git diff + echo '```' +} >>"$GITHUB_STEP_SUMMARY" From 6861b8047fd8e64ee285d48319cd40939be86367 Mon Sep 17 00:00:00 2001 From: Hank Donnay Date: Thu, 18 Apr 2024 12:06:52 -0500 Subject: [PATCH 4/4] cicd: remove second go-caching action Signed-off-by: Hank Donnay --- .github/workflows/nightly.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 7cc90f0a0c..d17e9df8a0 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -51,9 +51,11 @@ jobs: with: go-version-file: go.mod check-latest: true - - uses: ./.github/actions/go-cache - with: - go: ${{ steps.setup.setup-go.go_version }} + - name: Warm cache + if: steps.setup-go.outputs.cache-hit != 'true' + run: | + # go mod download + find . -name go.mod -type f -execdir go mod download \; - id: mod run: ./.github/script/nightly-module.sh - id: novelty